Commit graph

93 commits

Author SHA1 Message Date
Aurélien Bompard
aa0fbcad18
Ipsilon: automatically load the SAML2 metadata for PDC
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2023-04-20 12:43:24 +02:00
Aurélien Bompard
293cf34e8d
Adapt to Ipsilon 3.0.3
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-07-05 17:36:03 +02:00
Aurélien Bompard
6b9d639421
ipsilon: add sebooleans on f36
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-06-03 09:55:25 +02:00
Kevin Fenzi
b68200e0bc
ipsilon: make sure /etc/ipsilon/root is owned by ipsilon
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-02 15:25:22 -07:00
Aurélien Bompard
c030ab4c77
Ipsilon needs an SELinux boolean to use python-pam
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-05-25 11:32:57 +02:00
Aurélien Bompard
cd277a01d8
We now use PAM auth in Ipsilon
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-05-25 11:21:07 +02:00
Aurélien Bompard
61821fb1ba
Update ipsilon to 3.0.1 in prod
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2022-05-25 10:27:02 +02:00
Kevin Fenzi
cc0f507a2c
ipsilon: run the saml2 script as ipsilon user
Right now it runs as root which means ipsilon can't read it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2021-11-30 07:34:16 -08:00
ff1395d99c
ipsilon: clean up ipsilon role
This cleans up the ipsilon role, removing a bunch of old, commented out
lines, and removes files and templates that are no longer used.

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2021-07-08 10:13:41 +00:00
Aurélien Bompard
0c845843c4
Update ipsilon-fedora on the Ipsilon servers
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2021-04-30 10:37:31 +02:00
Aurélien Bompard
196d20086c
Some Ipsilon fixes for the new openid api extension
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2021-03-26 12:11:07 +01:00
Aurélien Bompard
fc759fd447
Add the ipsilon script to generate the metadata
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2021-03-25 11:15:29 +01:00
Aurélien Bompard
b8e6754f97
Use a VM for Ipsilon in prod too
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2021-03-23 16:55:38 +00:00
Aurélien Bompard
95ca01284a
Use a template for ipsilon's sssd.conf instead of replacing lines
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2021-01-20 10:32:33 +01:00
Aurélien Bompard
a2f74a447e
Ipsilon: fix attribute mapping for GPG & SSH
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-21 11:59:43 +02:00
Aurélien Bompard
157f1d2d52
Ipsilon: improve the HBAC rule
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-15 18:46:51 +02:00
Aurélien Bompard
35f2aeb15d
Actually those tasks must be run on the IPA server
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-15 18:04:21 +02:00
Aurélien Bompard
2cc20bb1af
Ipsilon: create a HBAC rule
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-15 17:51:21 +02:00
Aurélien Bompard
1ca3aff8f1
Ipsilon: configure SSSd
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-08 12:29:37 +02:00
Aurélien Bompard
f4684a1f07
Ipsilon: fix config files
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-08 10:11:36 +02:00
Aurélien Bompard
3a1885bcc9
Ipsilon in staging: deploy config files
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-08 09:48:31 +02:00
Aurélien Bompard
1a1f7d79e4
Ipsilon: fix files location
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 14:53:45 +02:00
Aurélien Bompard
62823f5fee
Ipsilon: the custom admin db path must exist, let's set it later
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 13:47:39 +02:00
Aurélien Bompard
e73a1bd501
Fix ipsilon config and install script in staging
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 12:19:00 +02:00
Aurélien Bompard
7e7399fb50
Syntax.
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 10:07:49 +02:00
Aurélien Bompard
ba82363e78
Add a role for ipa clients and use it in Ipsilon
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 10:05:19 +02:00
Aurélien Bompard
3ae9b4bd65
We need this plugin obviously
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-07 09:08:52 +02:00
Aurélien Bompard
47d4923de9
Undefined variable
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-06 17:06:44 +02:00
Aurélien Bompard
373d9385e1
Missing dep
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-06 16:50:13 +02:00
Aurélien Bompard
ae35433095
Missing dep
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-06 10:54:25 +02:00
Aurélien Bompard
d1edc6db3d
Prepare ipsilon for a VM deployment in staging
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-10-05 17:24:56 +02:00
Kevin Fenzi
56489ef2c3
ipsilon: comment out for now all the old rhel7 python2 tasks
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-09-24 15:08:54 -07:00
Kevin Fenzi
7d9c26fe51
ipsilon: no libsemanage-python in f32
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-09-24 14:57:14 -07:00
Aurélien Bompard
5a01ac3566
Ipsilon: deploy the Fedora-specific files from a git repo
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2020-09-11 12:17:00 +02:00
Rick Elrod
ea96618bd4
Get rid of modernpaste everywhere, redirect it to paste.centos.org everywhere
Signed-off-by: Rick Elrod <relrod@redhat.com>
2020-04-24 21:34:18 +02:00
Kevin Fenzi
e50fa5f3f2
freshmaker: remove everything
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-04-24 21:34:14 +02:00
Kevin Fenzi
c7d3ba82f4
Enable fpdc scopes in ipsilon. Ticket 7299.
This simply installs the ipsilon plugin for fpdc scopes and
restarts it. If there's an issue we can easily remove it to
roll back to where we were.

+1s?
2018-10-16 17:20:52 +00:00
Ricky Elrod
5f12f40dfb
ipsilon oidc scope for modernpaste
Signed-off-by: Ricky Elrod <relrod@redhat.com>
2018-04-04 19:37:08 +00:00
Patrick Uiterwijk
de9af8deda
Add src.fp.o OIDC push OIDC scope
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-02-07 19:48:49 +01:00
Ralph Bean
193971bcf0
Enable freshmaker OIDC scopes in prod ipsilon.
2018-02-02 17:10:21 +00:00
Ralph Bean
3b21215d4d
Add OIDC scope for freshmaker (staging).
2018-02-02 17:04:05 +00:00
Patrick Uiterwijk
d2cb9a71e6
Prevent confusion by adding handlers
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-01-03 00:21:22 +01:00
Patrick Uiterwijk
714d351fc9
Add src.fp.o to trusted roots and deploy wiki scope to prod
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2017-11-16 19:33:04 +00:00
Patrick Uiterwijk
bc0bd0df5b
Define mediawiki scope
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2017-11-13 00:37:39 +00:00
Ralph Bean
cd36f2d5a0
Remove unnecessary with_items.
2017-11-06 19:45:26 +00:00
Patrick Uiterwijk
936e8b261a
yum accepted pkg=, package calls it name=
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2017-10-09 00:38:26 +02:00
Patrick Uiterwijk
adcbf72f03
Packageize this, packageize that, packageize the world
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2017-10-08 22:25:52 +00:00
Ralph Bean
80a9b9476b
Remove unnecessary conditional. Config handles this.
2017-09-21 01:24:06 +00:00
Ralph Bean
e9609eeac0
Add ODCS scopes (staging only).
2017-09-21 01:19:48 +00:00
2c0b780d28
Add waiverdb scope in stg
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2017-07-27 17:16:03 +00:00